If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Welcome to Mac-Forums! Join us to comment and to customize your site experience! Members have access to different forum appearance options, and many more functions.

Have you enabled root never be on line as root user? Also you can go into filevault and make a master password that you can change any user password from, but you better not forget that one! I think it can be done from the install CD also if you restart off it

Insert the Mac OS X CD and restart your computer while holding down the C key on the keyboard. When the Installer appears, choose Reset Password from the Installer menu and follow the onscreen instructions.

Have you enabled root never be on line as root user? Also you can go into filevault and make a master password that you can change any user password from, but you better not forget that one! I think it can be done from the install CD also if you restart off it

ARGGHHHHH *head explodes*

Why do you constantly say "never be online as root"? It's like your catchphrase. Do you have a startup item that copies it to your clipboard, so you can just paste it everywhere? You no longer even feel the need to put it into your sentence in a logical place, you just toss it in the middle of a question. And in italics, as if to convey it as a firm truth, when in reality it's total senseless nonsense. STOP IT NOW. I CANNOT STAND IT. You've posted what, almost 2000 times, and I think over half of your posts included this awful meaningless untrue statement. Unless you can back up what you say with some sort of proof (that will be the day), then SHUT UP with it, I'm tired of READING it.

Please remain civil and do not personally attack members....please read the forum rules if you have questions.

As far as not being online as "root", I think that makes perfect sense. "root" has totally control over a system and if by some chance a hacker or virus was able to take over your system while online as "root" it would have complete control.

That is assuming you were to execute malicious code as root. But you could execute malicious code if you were online or not. If a hacker attacked your system, he would not automatically obtain the same access privileges you have. If a hacker was able to successfully "hack" your system, most likely he would have root contol regardless of whatever other users were on the system with root. People are online as root all the time on hundreds of thousands of *nix systems all over the world without batting an eye. A myriad of applications must have root permissions to even run correctly, while online. If there was an operating system where there could only be one level of access at any one time, I would recommend to the users of that operating system, that they should not be online as root. Since this is not the case with Mac OS X, the subject of the forum, I think it's a pointless suggestion.

That's because you are the administrator of the system. Which is most likely what you intended by logging in as root. Regardless, that has absolutely nothing to do with being ONLINE as root, and nothing to do with the behavior of the system to a remote attacker/exploit. Again, the system IS able to handle more than one user's access at a time. So even though the root user might be able to change system files without a prompt, that doesn't mean that a remote attacker can waltz onto your box and be granted root permissions!

Look, it's obvious that you shouldn't log on as root and peruse the net, downloading "warez" and executing arbitrary code. If you did, there's about a one in a million chance that you might accidentally download some 1k Applescript "virus" that some 12 year old wrote, confuse it with a 50 meg fetish video of Cameron Diaz, run it and delete your home directory.
But being *online* as root, ie connected to the internet, is no different (to the remote viewer) than being online as any other user. Even assuming you have vulnerable services running on your system (which is 100% possible now that the AFP exploit is in the wild, and there are plenty of people who decide to turn off Automatic Software Update because they don't know what it is and don't like the sound of it), it would make no difference to the remote observer how *you* were logged in. *sigh* I'm tired of arguing this point. You win, fine, don't be online as root.